This article is called extended guide is because there is already a security guide in the Yii tutorial security section. but that guide is not complete in the sense that it does not rise the developers' attention to some other commonly happening attacks: SQL injection and magic URL, which can be major vulnerabilities in your application without much caring.
First param in CActiveDataProvider could be a string with model name or instance of class. So, you may use CActiveRecord::cache() for cache, but you need set third param to 2, because you should cache 2 queries: counting and get data.
If you are lucky enough and have the privilege to develop on a Linux based environment, this little tip might boost-up your TDD process (at least the Unit Testing part). Please note, that this should work just fine with Apple computers also, but not tested!
CFormatter is one of Yii's core components and used to format values displayed in widgets like CGridView or CDetailView. All classic formats like numbers, text, urls or datetime are supported but you may have to use a formatting rule that isn't built in. Let's say we want to display arrays of strings (like tags associated with a product model). When using CDetailView we would usually make use of PHPs implode function to create a simple string value of all values in the $product->tags array.